Christian Biere ha scritto: > gionnico wrote: >> This is my question: is it possible to block outgoing traffic and to >> allow only gtk-gnutella with a good SPI firewall (iptables), that >> doesn't know the application that generated it? > > On the same machine, the packet filter can determine the application > and the user of each outbound packet, so you could restrict it > appropriately locally. A router does not have this information and > you cannot filter outbound traffic just by looking at the port numbers > without degrading service. Outbound UDP traffic can be limited to > the source port number that your peer uses. Outbound TCP traffic > will either have the source port number of your peer or an anonymous > source port number above 1023 (usually something above 32000). >
Thanks for the UDP suggestion! And for TCP I think at least I'll only allow traffic generated from a high-port (and only my computer) for a little more security and less paranoia. ;) -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: Hai bisogno di un prestito? Chiedi a Prometeo qual è lofferta sul mercato più adatta a te, chiedere non costa nulla e basta un click! * Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=7431&d=10-1 ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ gtk-gnutella-devel mailing list gtk-gnutella-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/gtk-gnutella-devel